3 matches found
CVE-2008-1167
CVE-2008-1167: Stack-based buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, in the useragent function (useragent.c). Remote attackers can execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some details are from third party information. The provided doc...
CVE-2008-1168
Cross-site scripting (XSS) in Squid Analysis Report Generator (Sarg) affects multiple 2.2.x releases (notably 2.2.4; earlier 2.2.3.1) via the User-Agent header when rendering the Squid proxy log. Root cause: an improper handling of User-Agent data leads to script/HTML injection. Impact: remote at...
CVE-2008-1922
CVE-2008-1922 concerns multiple stack-based buffer overflows in the Squid Analysis Report Generator (SARG). The issue could allow remote attackers to execute arbitrary code via unknown vectors, with a crafted Squid log file cited as a probable vector. Public advisories reference SARG fixes across...